[tor-onions] DigiCert support for V3 onions (for onion EV certs)

Mike Tigas mike at tig.as
Tue Apr 24 19:02:16 UTC 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hey y'all,

Just wanted to report in here with a little FYI (since knowing about this may be helpful to some folks here).

I'm in the middle of renewing the cert for https://www.propub3r6espa33w.onion/ and threw a V3 onion into the CSR (since I'll probably tinker with rolling that out at some point later this year). (Also: let's not relitigate whether one should even have such certs for onions; it makes sense in our usecase.) Apparently DigiCert's system currently has issues handling this right now (we went back and forth on weird systems delays during this order), but now they've narrowed down the problem:

> The issue with the V3 URIs is that they use ECC keys and our system
> for .onions was built to only accept RSA keys. They are working on
> this fix and I will let you know as soon as I can get this order
> issued with your V3 names included.

Cheers,

Mike Tigas
https://mike.tig.as/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEGzfVMu3Uhpsce8OaFLh4upXaaEoFAlrffx4ACgkQFLh4upXa
aEr9nBAAsBqrj6E1dxBMzrgkXVUnXPJnmdf0uYC3b6vEnDFWMBkxnY+/KymEiDUj
fpmcjg4QWOD477SmffygWvF3VBoETnqp8BfqMULLg9qUWQVu1ZsbjRXIpbAO9hxs
6bTkxE/BVsoB5eAd4FrmgvKdSuEu6cLeFcXNH1zQBuSfRTwRfIzrkC7Z6Ak0K6u9
om6ktfgkqKaGBgXwXL4f2qfIIHuq0GmyxktEUNHBNafwysmqIl/0vUg5YmYvshUu
/xWp7yrcrQ4E3tri3skCpOJD9Fa8ELBs4qtcbx8BqpbO7QyjKy8VmbpSX6zPjQBi
UdyrabtMlY3w0vDYJoB7RIG2Zt5MGbsC5sl8WohhQbP2EzYhpjriYMTMjywTnWYW
qFIC7nBY3eGg/YDFII+X4r+4rQGIoW3O3C5frOSD6LfJYfwkUvFL6z/fVHygwixD
0xNvV5YawluEctXVdvUIQPxSPrN3yhkRffZQPBPQm2+2B1GW9fH1FGLP4sI9w+Iq
whXpBqo6aR0dLdk/E+aKhkV94ezyYHbnW3jw/5uYpLv/jWMHgBq2w7WPvQvI40yG
jir194aiZNKXHtZIy2tmqMtEknRLA2jPRclUdrRiCHBAtht3+350RRZI0oV35gLB
1WThM/aFidyyRN5jBGpOM1lEfnBR0PYmNDQnrg79Wi3wqDNAfK8=
=WTCN
-----END PGP SIGNATURE-----



More information about the tor-onions mailing list